CVE-2025-46784

High CVSS: 7.5

A denial of service vulnerability exists in the lasso_node_init_from_message_with_format functionality of Entr'ouvert Lasso 2.5.1. A specially crafted SAML response can lead to a memory depletion, resulting in denial of service. An attacker can send a malformed SAML response to trigger this vulnerability.

Vendor

Entrouvert

Product

Lasso

CWE

CWE-401

Yayın Tarihi

2025-11-05 15:15:39

Güncelleme

2025-11-07 20:01:13

Source Identifier

talos-cna@cisco.com

KEV Date Added

Kategoriler

CWE-401 Lasso HIGH Entrouvert 2025

Referanslar

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2195 https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2195

Benzer Kayıtlar

Critical

CVE-2025-47151

A type confusion vulnerability exists in the lasso_node_impl_init_from_xml functionality of Entr'ouvert Lasso 2.5.1…

High

CVE-2025-46705

A denial of service vulnerability exists in the g_assert_not_reached functionality of Entr'ouvert Lasso 2.5.1 and 2.…

High

CVE-2025-46404

A denial of service vulnerability exists in the lasso_provider_verify_saml_signature functionality of Entr'ouvert La…